It has been a while since I posted a collection of new OSINT resources, so this one is lengthy. The following were recently added to the online search tools, live training curriculum, and online training courses.

Trumail API (https://api.trumail.io/v2/lookups/[email protected]): This API was demonstrated in my recent webinar about email search. It serves as a verification option to identify legitimate email addresses and filter burner accounts. It also explicitly identifies disposable and free email services, while announcing whether an account is a catch-all.

Spycloud (https://portal.spycloud.com/endpoint/enriched-stats/[email protected]): This API provides a positive or negative indicator for an email address present in the Spycloud collection of data breaches. While the information is minimal, no API key is required. It also identifies the number of breached email records for the domain.

VIN-NHTSA (https://vpic.nhtsa.dot.gov/api/vehicles/decodevinextended/3GTEK13Y87G527460?format=json): This is an official government VIN search for vehicle make/model details. The output is very detailed, and below is a portion.

"Message": "Results returned successfully",
"SearchCriteria": "VIN:3GTEK13Y87G527460",
"Value": "GENERAL MOTORS LLC",
"Value": "Sierra",
"Value": "2007",
"Value": "1500 (1/2 ton)",
"Value": "TRUCK ",

FAXVIN (https://www.faxvin.com/): This alternative option allows you to enter a VIN to identify full details about the vehicle (but no owner information).

Vehicle History (https://www.vehiclehistory.com/): Vehicle search by VIN which provides details about the make/model/recalls/thefts/etc.

O'Reilly License (https://www.oreillyauto.com/): This option allows you to enter a VIN or license plate to identify full details about the vehicle (but no owner information).

Carvana (https://www.carvana.com): This alternative option allows you to enter a VIN or license plate to identify full details about the vehicle (but no owner information).

Facebook Live (https://www.facebook.com/search/str/Live/videos-live): A less powerful replacement for the Facebook Live Video Map, which was eliminated earlier this year.

Facebook Intersect Search Tool (https://www.osintcombine.com/facebook-intersect-search-tool): Graphical option for Facebook intersect searching.

Carbon Dating The Web (http://carbondate.cs.odu.edu): This service uses public archives of a domain to estimate the creation date. The following demo of my own site was only off by two months.

DomainBigData ( https://domainbigdata.com): This is a typical Whois lookup site, but contains a free historic record, as seen below. This can identify the owner of a website which currently possesses a private registration.

URLScan (https://urlscan.io/): This resource provides an additional screen capture of the target address, which is often dated prior to undesired website changes or deletions. This is a small supplement to archive sites.

Website Informer (https://website.informer.com):This offers yet another unique historical view of a domain.

DomainIQ - Hosting Research (https://www.domainiq.com/hosting_research): The screen capture archive of this resource has been extremely helpful in the past. It is currently down, but will hopefully return. When working, the following screen would be full of archived screen captures of a website.

FluidDATA Podcast Search Engine (https://fluiddata.com): This resource allows you to search the spoken text of many podcasts. Useful for searching email addresses such as mike at gmail dot com.

BitcoinAbuse (https://www.bitcoinabuse.com): This Bitcoin service identifies incidents of malicious use of cryptocurrencies. Great for tracking the use of Bitcoin in email scams.

Google: This Google Search operator will find practically any type of file publicly linked, using the word Book as an example.

AIOSearch (http://www.aiosearch.com): This service searches the most popular file sharing hosts.

The following three background removal services will attempt to remove any undesired content from an image. This can lead to better results when conducting a reverse image search in attempts to identify a person or object.

Remove.bg (https://www.remove.bg/)
Clipping Magic (https://clippingmagic.com/)
Background Burner (https://burner.bonanza.com/)